Auditing Headers

To provide more detailed auditing in our products it is possible to use optional HTTP headers to provide information about the origination of the request made towards the API.

Since the auditing information could be displayed to users of the Collector Bank products, we recommend only posting human readable, nonsensitive information in these headers.

Performed By#

To provide information identifying the user or person that performed the action resulting in the request towards the API, use the Performed-By HTTP header. The value posted could be any information identifying the user, e.g. a name, a username or an email.

Performed-By: firstname.lastname@collectorbank.se

Originated From#

To provide information about the origin of the request towards the API, use the Originated-From HTTP header. The value posted could be any information identifying the origin of the request, e.g. the name of the system integrating with the API, an end user system, a company or store name.

Originated-From: Collector Checkout
Please note

Please note that using the Originated-From header without the Performed-By header can result in the SOAP username being displayed in some products. To avoid this, post an empty value in the Performed-By header instead.